Cyber insurance covers the losses relating to damage to, or loss of information from, IT systems and networks. The policy assists with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement.
As a business, you will rely on information technology (IT) infrastructure to some degree. As a result, many companies are exposed to the risks of business interruption, income loss, damage management and repair, and possibly reputational damage if IT equipment or systems fail or are interrupted (breached).
Cyber security remains a priority with 82% of businesses saying that cyber security is a high priority for their directors or senior managers in the UK’s annual Cyber Security Breaches Survey. Nearly 40% reported breaches, and many have invested in IT to secure remote workers connections.
The average (mean) cost of all cyber security breaches to UK businesses months is estimated to be £4200. For medium and large firms combined, this average cost is higher, at £19,400. The Government also acknowledges that the lack of a framework for financial impacts of cyber attacks may lead to under reporting.
While many existing insurance policies, such as commercial property, business interruption or professional indemnity insurance, may provide some elements of cover against cyber risks, businesses are increasingly asking providers for specialised cyber insurance policies to supplement their existing coverage, particularly if, like you, they hold:
sensitive customer details such as names and addresses or banking information;
rely heavily on IT systems and websites to conduct their business;
process payment card information as a matter of course.
What is Cyber Liability Insurance?
If a company’s IT security is found to be inadequate and a breach occurs, the penalties can be high. You will be required to notify your customers of a cyber security breach and could be fined up to 4% of your turnover**. In addition to potentially substantial fines, cyber breaches can also lead to a damaged reputation, legal costs and associated business disruption and lost revenue. Will your customers trust you after a security breach unless you are seen to be prepared and to manage it professionally and promptly?
Cyber cover and why you need it
Cyber Liability has become headline news following a number of high profile hacking cases which has led to a greater awareness of the risks and need for cover, and it’s not just the large corporates who are at risk.
As a managing agent you are likely to hold a lot of personal and sensitive data concerning your customers. The increasing use of online portals could give hackers access to sensitive information held about individual customer accounts. You can find out more about personal and sensitive data at the Information Commissioner’s Office.
Gallagher works with well-known insurers who offer competitive and comprehensive cyber insurance. This covers you against financial losses and third-party liabilities (up to the limits chosen) arising from cyber attacks.
Cyber, data security and multimedia cover
Liability arising out of media exposure as a result of hacking. For example defamation, libel and infringement of intellectual property rights
The costs incurred, and which cannot be recouped, as a result of a third party benefiting from a data breach
Liability arising from the failure to properly handle, manage, store, destroy or otherwise control personally identifiable information
The costs to withdraw or alter data or images or other website content as a result of a court order or to mitigate a claim
Liability arising out of unintentional transmission of a computer virus
The costs to recover your computer system records that have been lost, damaged or deleted
Liability arising out of a hacker’s fraudulent use of information
Compensation costs arising as a result of directors, partners and employees attending court in connection with a covered claim
Legal defence costs
Your business is at risk if you:
Are reliant on computer systems to conduct your business
Have portals on your website
Hold sensitive customer data electronically
Have a transactional website
Are subject to Payment Card Industry (PCI) merchant and service agreements
Cover options available and their benefits
Information and communication recovery costs
– The costs to repair, restore or replace affected parts of your information and IT hardware and software, after they’ve been stolen, destroyed or affected by a hacker
– Payment for credit monitoring services in order to comply with data breach law
Data breach notification costs
– Costs to inform your customers and anyone affected, that a data breach has occurred
– Legal fees incurred to develop notification communications for the affected parties
– The costs to send and administer notification communications
– The costs of call centre services to respond to enquiries and queries following a notification communication
Regulatory defence and penalty costs
– Payment for any compensation which you are legally obliged to pay (including legal and defence costs)
Forensic costs. Payment for:
– A forensic consultant to establish the identity or methods of the hacker, or any other details required by the insurer following a data breach
– A security specialist to assess your electronic security and reasonable costs to improve them
– The temporary storage of your electronic data at a third party location, if your information and communication assets remain at risk from a hacker
Cyber business interruption cover
– Payment for loss of income as a result of total or partial interruption of communication assets caused by data security breaches, computer viruses and attacks
– Payment for reasonable and necessary expenses incurred, including the value of any ransom paid by the insured, for the purpose of terminating a cyber-extortion threat
– Cover applies to hardware while it is temporarily removed from the insured location
– You can also choose to cover portable hardware anywhere in the world
– The cost to remove viruses and for specialist advice to prevent viruses or hacking attacks following an incident
These are brief product descriptions only. Please refer to the policy documentation paying particular attention to the terms and conditions, exclusions, warranties, subjectivities, excesses and any endorsements.
For a copy of our guide to Cyber insurance, the cover the policy** provides and examples of how the cover could benefit you, click here.
** For full terms and conditions please refer to the policy wording available on request. A broad range of cyber cover protection is offered and specialist advice at a time convenient to you. As with all insurance policies, the policy is subject to limits, conditions and exclusions. For full terms and conditions please refer to the policy wording available on request. This document does not purport to be comprehensive or to give legal advice. While every effort has been made to ensure accuracy, Gallagher cannot be held liable for any errors, omissions or inaccuracies contained within the document.